1 / 12

VULN SCANNING

VULN SCANNING. BCIS 4630 Fundamentals of IT Security. Dr. Andy Wu. Overview. Nessus Architecture Plugins Reporting. Vulnerability Scanning. Scans the target for potential problems that yield the target vulnerable to attacks: Unpatched OS Outdated applications Unsecure accounts

chakra
Download Presentation

VULN SCANNING

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. VULN SCANNING BCIS 4630 Fundamentals of IT Security Dr. Andy Wu

  2. Overview • Nessus • Architecture • Plugins • Reporting

  3. Vulnerability Scanning • Scans the target for potential problems that yield the target vulnerable to attacks: • Unpatched OS • Outdated applications • Unsecure accounts • Misconfigurations • Etc. • Nessus is a market leader in vulnerability scanning. • Major contenders include SATAN, SAINT, Retina, etc.

  4. Nessus Architecture

  5. Nessus Architecture • Client-server architecture. • The program is in fact installed on the Nessus server. • Includes a large number of plug-ins. • Each plugin is a source of vulnerability. • Well organized and tied to industry vulnerability databases. • Plugins are organized into “families”. • A policy controls which vulnerabilities to load (scanning for those vulnarabilities).

  6. Nessus Server • The server component receives scanning requests from the client and performs the actual scan. • Runs as a service. • The managed port number is 8834. • Maintains a list of user accounts. • A user account is required for scanning. • Two types of accounts: admin and regular.

  7. Nessus Client • Connects to the server to perform the scan. • Typical thin-client (browser) application. • SSL connection to the server. • Can create its own, “private” scanning policies, or use “shared” policies” created by the administrator.

  8. Scan Settings

  9. Reporting Capabilities • Dynamic, context-driven, tabbed views in Web browser • Overview, executive summary reports • Detailed reports by port numbers/vulnerability IDs • Exported to HTML or rich-text formats

  10. Reporting Capabilities

  11. Password Guessing Script

  12. Credentials File

More Related